Appln. Serial No. 09/714,082 
Amendment Under 37 C.F.R. § 1.312 

AMENDMENTS TO THE CLAIMS 
This listing of claims replaces all prior versions, and listings, of claims in the application: 
1 L (Cancelled) 

1 2. (Previously Presented) The method of claim 32, wherein establishing the secure 

2 link comprises establishing a virtual private network session. 

1 3. (Cancelled) 

1 4. (Previously Presented) The method of claim 32, wherein sending the at least one 

2 ping message comprises sending at least one Internet Control Message Protocol message. 

1 5. (Previously Presented) A method of determining if a link is alive, comprising: 

2 establishing a secure link between a first node and a second node according to a 

3 security protocol; 

4 sending at least one ping message targeting the second node over the secure link, 

5 the at least one ping message defined outside the security protocol; and 

6 monitoring for at least one ping reply to determine if a security association of the 

7 secure link is valid, 

8 wherein sending the at least one ping message comprises sending at least one 

9 Internet Control Message Protocol message. 

1 6. (Previously Presented) The method of claim 32, wherein establishing the secure 

2 link comprises establishing the secure link between first and second nodes each comprising a 

3 security gateway. 

1 7. (Previously Presented) The method of claim 6, further comprising sending at 

2 least one ping message targeting another node connected to a network behind the second node. 
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1 8. (Previously Presented) The method of claim 7, further comprising monitoring for 

2 at least one ping reply from the other node. 

1 9. (Previously Presented) The method of claim 32, further comprising tearing down 

2 the secure link if the EPsec security association is determined not to be valid. 

1 10. (Previously Presented) The method of claim 9, wherein tearing down the secure 

2 * link comprises tearing down the IPsec security association. 

1 11. (Cancelled) 

1 12. (Previously Presented) The method of claim 34, wherein establishing the secure 

2 link comprises establishing a secure link protected according to an Internet Protocol Security 

3 protocol. 

1 13. (Previously Presented) The method of claim 34, wherein establishing the secure 

2 link comprises establishing a virtual private network session. 

1 14.-15. (Cancelled) 

1 16. (Previously Presented) The method of claim 34, wherein sending the at least one 

2 ping message comprises sending an Internet Control Message Protocol message. 

1 17. (Original) The method of claim 16, wherein establishing the secure link 

2 comprises establishing a secure link protected according to an Internet Protocol Security 

3 protocol. 

1 18.-19. (Cancelled) 
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1 20. (Previously Presented) A system for communicating between a network element 

2 and a remote node, comprising: 

3 a security module adapted to establish a secure link with the remote node, the 

4 secure link having a security mechanism according to a security protocol; and 

5 a keep-alive module adapted to send at least one ping message over the secure 

6 link to the remote node, the at least one ping message defined outside the security protocol, 

7 wherein the at least one ping message comprises an Internet Control Message 

8 - Protocol message, 

9 wherein the keep-alive module is adapted to further monitor for at least one ping 

10 reply responsive to the at least one ping message to determine if a security association of the 

1 1 security link is valid. 

1 21 . (Previously Presented) The system of claim 26, further comprising: 

2 an interface to a packet-based network, the secure link established over the 

3 packet-based network; and 

4 a layer to control communications over the packet-based network. 

1 22. (Original) The system of claim 21, wherein the layer comprises an Internet 

2 Protocol layer. 

1 23. (Cancelled) 

1 24. (Previously Presented) The system of claim 26, wherein the security module is 

2 adapted to tear down the security association of the secure link if the secure link is not alive. 

1 25. (Original) The system of claim 24, wherein the security association comprises an 

2 Internet Protocol Security protocol security association. 
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1 26. (Previously Presented) A system for communicating between a network element 

2 and a remote node, comprising: 

3 a security module adapted to establish a secure link with the remote node, the 

4 secure link having a security mechanism according to a security protocol; and 

5 a keep-alive module adapted to send at least one ping message over the secure 

6 link to the remote node, the at least one ping message defined outside the security protocol, 

7 wherein the at least one ping message is protected according to the security 

8 - protocol, 

9 wherein the keep-alive module is adapted to further monitor for at least one ping 

10 * reply responsive to the at least one ping message to determine if a security association of the 

1 1 secure link is valid, the system further comprising a module adapted to establish a link over a 

12 secondary communication network if the secure link is not alive. 

1 27. (Cancelled) 

1 28. (Previously Presented) The article of claim 38, wherein the instructions when 

2 executed cause the controller to further establish an Internet Protocol security association for the 

3 secure link. 

1 - 29. (Original) The article of claim 28, wherein the instructions when executed cause 

2 the controller to tear down the security association if the controller does not receive the at least 

3 one ping reply. 

1 30. (Previously Presented) The article of claim 38, wherein the controller is part of 

2 the first node. 

1 31. (Cancelled) 
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1 32. (Previously Presented) A method comprising: 

2 establishing a secure link between a first node and a second node according to an 

3 Internet Protocol Security (IPsec) protocol; 

4 sending at least one ping message targeting the second node over the secure link, 

5 the at least one ping message defined outside the IPsec protocol; and 

6 monitoring for at least one ping reply to determine if an IPsec security association 

7 of the secure link is valid, 

8 . wherein sending the at least one ping message comprises sending the at least one 

9 ping message protected according to the IPsec protocol. 

1 33. (Cancelled) 

1 34. (Currently Amended) A method of communicating with a remote node, 

2 comprising: 

3 establishing a secure link between a first security gateway and a second security 

4 gateway, the remote node in communication with the second security gateway over a network 

5 separate from the secure link; 

6 sending at least one ping message to the remote node over the secure link, through 

7 the second security gateway, and over the network; and 

8 ' monitoring for at least one ping reply from the remote node to determine if [[a]] a 

9 security association of the secure link is valid, 

10 wherein establishing the secure link comprises establishing a secure link protected 

1 1 according to a security protocol, 

12 wherein sending the at least one ping message comprises sending at least one ping 

13 message defined outside the security protocol, 

14 wherein sending the at least one ping message comprises sending the at least one 

15 ping message protected according to the security protocol. 
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1 35. (Previously Presented) The method of claim 34, wherein the security protocol 

2 comprises an Internet Protocol Security protocol (IPsec), and wherein sending the at least one 

3 ping message comprises sending the at least one ping message encrypted according to an IPsec 

4 security association. 

1 36. (Cancelled) 

1 . 37. (Previously Presented) The system of claim 26, wherein the security protocol 

2 comprises an Internet Protocol Security protocol (IPsec), and wherein the at least one ping 

3 message is encrypted according to an IPsec security association. 

1 38. (Previously Presented) An article comprising at least one storage medium 

2 containing instructions for controlling communications, the instructions when executed causing a 

3 controller to: 

4 establish a secure link between a first node and a second node according to a 

5 security protocol; 

6 send at least one ping message targeting the second node over the secure link, the 

7 at least one ping message defined outside the security protocol; and 

8 monitor for at least one ping reply to determine if a security association of the 

9 - secure link is valid, 

10 wherein sending the at least one ping message comprises sending the at least one 

1 1 ping message protected according to the security protocol. 

1 39. (Previously Presented) The article of claim 38, wherein the security protocol 

2 comprises an Internet Protocol Security protocol (IPsec), wherein the security association of the 

3 secure link comprises an IPsec security association, and wherein sending the at least one ping 

4 message comprises sending the at least one ping message encrypted according to the IPsec 

5 security association. 

1 40.-43. (Cancelled) 
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